Vulnerability Description
Incorrect Authorization vulnerability in Centreon web (API Token creation form modules) allows Privilege Escalation.This issue affects web: from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4.
CVSS Score
7.2
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Centreon | Centreon Web | >= 24.04.0, < 24.04.10 |
Related Weaknesses (CWE)
References
- https://github.com/centreon/centreon/releasesRelease Notes
- https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55572-centreVendor Advisory
FAQ
What is CVE-2025-4646?
CVE-2025-4646 is a vulnerability with a CVSS score of 7.2 (HIGH). Incorrect Authorization vulnerability in Centreon web (API Token creation form modules) allows Privilege Escalation.This issue affects web: from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4.
How severe is CVE-2025-4646?
CVE-2025-4646 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-4646?
Check the references section above for vendor advisories and patch information. Affected products include: Centreon Centreon Web.